If you’re looking for a nice way to automatically ban an ip address without specifically doing the iptables command, here’s a nice script to get you started. This script parses the /etc/hosts.deny file and blocks them using iptables.

Notice that the script first flushes all the current blocked ip addresses so that you don’t accidentally block the ip addresses many times. This could cause many problems if you’re trying to unblock someone.
Have fun and be safe!

If you would like to add a custom startup script to your Linux machine (for running ircd or an iptables script for example) the process is simple.

Create a file in /etc/init.d

touch /etc/init.d/program

chmod +x /etc/init.d/program

Edit it, and create something like this

#!/bin/bash

case $1 in

start)

sudo -u irc /home/ircd/unreal start

;;

stop)

sudo -u irc /home/ircd/unreal stop

;;

esac

These scripts are run as root, so you should probably use sudo to run programs as unprivileged users.

Now we just have to add it to our default runlevel (runlevel can be found in /etc/inittab on Debian, in Ubuntu this file does not exist as far as I know). The runlevel should be the same across all Debian (including ubuntu) systems.

ln -s /etc/init.d/program /etc/rc2.d/S20program

The S20 requires a little bit of explanation. S means Start, and 20 means to run after the 19’s but before the 21+’s. It’s simply a priority system. You can replace S with K to ‘stop’ instead of ‘start’ when the computer shuts down.

I came across a “dying” Dell Latitude C680. It was old, but after looking at the specs I decided to keep it.

2.4/1.2ghz (speedstep)

1GB Ram

60GB HDD (mine was dead)

Two battery/expansion bays (one battery, one floppy)

One CD-Rom drive (thought it was dead, turned out to be the bay itself was bad)

GeForce 440 64mb video

The cdrom drive failed on me, but I was able to replace the floppy drive with another CD-rom drive.

I modified the hard drive bay caddy (mostly with electrical tape and the plastic case of a CF card) to house a 4GB CompactFlash card connected to a CF to IDE laptop convertor. With a little bit of fuss, I was able to get it to slide into the bay without catching on anything.

Using a Debian Etch CD, I did a full disk encryption LVM base install. It wasn’t too slow, however there were parts where the CF card was obviously choking a bit.

After booting into the system, I tested the CF card with hdparm -tT /dev/hda and was pleasantly surprised.

So cached reads are about 1/2 as slow as I’d expect from a regular IDE drive, but the buffered disk reads are about as high.
I’m running Fluxbox, with Iceweasel and a few other operations and am noticing no problems with performance. Sometimes when dealing with multiple files at the same time things get slow.

Like any solid-state drive, this will make your laptop much more rugged (no moving parts except for fans and cd-rom drive).

While it has limited space, I could have easily purchased a 8/16/32GB CF card with similar speeds… if I had the money.

The CF card was around $25, and the adapter was $5.

For the next stage, I plan on using the now dead CD rom bay on the side to house USB devices with a powered USB hub.

This laptop will mainly be used for school (if it gets stolen, not a big deal) and war driving.

Instead of using a complex set of firewall rules, tcpwrappers provides an easy method of restricting access to certain daemons using ip addresses, host names, and ranges. While I wouldn’t reccommend on relying soley on them, they are a great tool for workstations and other machines behind a firewall.

hosts.deny is checked first; then hosts.allow. By default, if a program is not listed in either it is granted access to everyone.

I have mixed feelings about blacklists; my website has shown up on them from time to time after all. Still, if you’re willing to get a few false positives then this should help stop quite a bit of spam.